It's very difficult, because generally, up until very recently, we haven't seen such timelines. Governments of various stripes have been very reluctant to do this. They prefer the flexibility of having non-public retention schedules. It's often treated as a national security matter and a matter of secrecy to do so. I don't think that's necessary in this case.
The challenge here, and I think the reason that the government would prefer to have this in regulation, is that there are so many different objectives to the Bill C-21 initiative that might require different kinds of timelines around data retention. Despite that, I would still say that I think you could outline the different objectives and say the appropriate retention schedules for each of these different objectives, with some caveat around flexibility, should be x. The basic idea, as that concept might be worked through, would not be to just let this information sit forever, which is, I think, the default.